Posted
by
kdawson
on Saturday March 22, 2008 @06:34PM
from the now-please-put-real-id-to-bed-without-its-supper dept.

CNN is reporting on the widening brouhaha that began when Barack Obama's passport file was accessed illegally on three occasions beginning in January. Now it seems that John McCain's file was also snooped; and that last year Hillary Clinton's file suffered the same fate. Ars Technica nails the real importance of these breaches, saying that the Presidential hopefuls are "...currently providing the country with a very public lesson in why the 'privacy advocates' who oppose initiatives like Real ID and the executive branch's domestic surveillance programs should really be called 'democracy advocates.' In short..., the entire incident shows exactly why citizens' privacy is critical in a country where citizens compete with one another for control of the government."

I see it as a reason that all passport information should be freely accessible to anyone who wants it. After all, it's owned by the public already. Full transparency is a more effective solution than full opacity because it's both easier to achieve, and eliminates abuses by making them uses.

Bribes to congressman should be legal; they're going to take bribes anyway, so if they're illegal it will accomplish making congress look bad, which in turn diminishes the integrity of the government and country which is bad for us all.

Except bribing congress is pretty much legal already, and I'd imagine they came up with a better excuse than that for why:/

Turns out, one of the contract companies who had one of the involved employees (and by definition was therefore on the payroll of that company) just happens to have a CEO that is an Obama campaign supporter. Thus, The Clinton camp is trying to desperately distort it into "someone associated with the Obama campaign "paid" the guy who snooped."

Turns out, the CEO of the OTHER contract company who had the remaining two employees that were involved in th

Full transparency is a more effective solution than full opacity because it's both easier to achieve, and eliminates abuses by making them uses.

In general, full transparency is not a solution to privacy problems, though, because not everyone has equal power given the information. If a public official knows my name and address, he can look me up on all kinds of databases and, more to the point, make entries on all kinds of databases that may ultimately cause harm to me. If I know his name and address, what am I going to do, go stand outside his house with a sign saying "Abuser of power!"?

The issue illustrated is that clerks can get anything stored. Governments and companies like to pretend they are better than others when they keep things they should not. Improper access proves the lie, not that passport records are inherently damaging.

The issue is really about what records should be kept and who owns them. The public does not own the record of my travel unless I'm doing public work. I'm the only person who should be able to make that kind of information available when I chose. The st

"I wonder what the Ars Technica/privacy zealots who oppose RealID protection will say when the next hijacked airliner is crashed into a building."

I'm sorry, "RealID protection" I fail to see how having an ID is protection at all. The topic of course is about peoples private information being looked at. We currently don't know if it was given to anyone or what purpose the access was done. But I suspect that the passport information contains things like passport number and SSN and other identifying information. Well identity theft is a serious costly issue to all of us, now isn't it. I would imagine that the information in the passport file would contain some lovely information that could be used for identity theft. That of course would be rather dumb for the celebrities this article is about, but it seems that only some of the more important names were flagged for the type of alert that caused this to be exposed. Who knows how many others have had their information comprimised, illegally I might add.

Now lets all get a database of information on everyone. That will solve the problem, require everyone to have an ID that they will be required to carry, that solves the problem doesn't it. Wait a minute what was the problem, identity theft? If someone has a fake ID that looks good, well then they are that person, if they have the background information like the ssn, address, and those little numbers on the back of the card, well then they are that person. Substituting an external tag for a person, substituting a copyable, forgable, piece of identification for a living breathing person, does not solve a problem, it only says we trust and ID more than we do a person, we trust our information database more than a living breathing citizen. If someone wanted to blow up a building, they can forge the documents, and pictures and the building will be history. Better to find out why anyone would want to blow up a building and see to it that the reasons don't exist. In the case of 911, it was our presence in the Middle East that Bin Laden was pissed about. That presence cost us the trade towers. We (the country leaders) of course wanted to be there and had no fear, because we are the super power, so there, bring it on.

> it was our presence in the Middle East that Bin Laden was pissed about.

Ur, last time i checked, he also doesn't believe in democracy. Let's stop that craziness and then we'll be perfectly safe, right?

The Wikipedia article on the McVeigh bombing [wikipedia.org] states that the prosecution's hypothesis was that he was driven by hatred of the US because of various things including: tax increases, the Waco siege and Ruby Ridge. After that bombing, you immediately supported the elimination of tax increases and FBI raids on

I agree with your sentiment about ID. As far as terrorists please stop being a sheep you can not live life without pissing people off singlely or collectivly because anger is not a rational thing. If you want out of the middle east thats your perogative but please do not use the theat of violence as your justification. Also dont think that it will stop terrorists from attacking there will allways be somethig that pisses somebody off enough to blow something up if for no other reason than metal desiese. T

I wonder what the Ars Technica/privacy zealots who oppose RealID protection will say when the next hijacked airliner is crashed into a building.

They'll say "wow, and the government issued the terrorists real RealIDs, just like the rest of the terrorists who were all legally identified.

Meanwhile the people collecting my tax money to make yet another piece of plastic ID card will laugh all the way to the bank while people like you stand around drooling and wondering why their magical bits of plastic didn't sa

I see no connection between the existence or not of a unique identity validation system and the results of years of incompetent foreign policy that allowed such extremist groups to thrive. IIRC, the hijackers didn't need to lie about who they were to board and hijack those planes and their real names were there in the passenger list.That hijacking subverted the commonly accepted rules of the time. Before 9/11, the planes and its passengers were considered valuable hostages that would be used for bargaining

They will say what every reasonably intelligent person that has been paying attention will say. The fuckers that hijacked that plane and flew it into the towers had valid fucking passports. Nice try, now please, move your chickenshit freedom hating ass to China or Russia where you can be safe and the big brother government will keep you that way. We don't need it, we don't want it, take your nonsense elsewhere.

Government has unprecedented data gathering and search capabilities, and is seeking increases in those capabilities. These capabilities are hard to prevent; even if Real ID and similar programs get turned back increased capabilities are the inevitable result of easy to create networks, increasing computer performance and data storage capacity.

Along with that should go greatly increased penalties for the abuse of these capabilities. Firing a contractor seems hardly sufficient. Anyone performing this sort of act should serve significant jail time, financial penalties, and so on. If repeat offenses occur the company for whom the contractor works should be banned from future government related contracts.

Along with that should go greatly increased penalties for the abuse of these capabilities. Firing a contractor seems hardly sufficient.

Firing does seem inadequate, but you want go easy on the knee jerk throw all the baddies in jail response, given that the US already has one of the highest incarceration rates expressed as percentage of population. Simpler would be to cut off a hand for the first offense, the other hand for a second, and so on from there depending on what body part they are using to access a computer. I think most would stop with the first amputation.

If you you read my posting more carefully, it was a generalized call for stiffer penalties that included jail as merely one option. Amputation isn't something that has cultural precedent in modern America, but surely other options are possible.

Government has unprecedented data gathering and search capabilities, and is seeking increases in those capabilities. These capabilities are hard to prevent;

Along those lines: technology has increased the capability for copying and sharing intellectual property. So, shouldn't we have much stiffer penalties on things like filesharing and copying of music? Perhaps we should allow the RIAA to directly arrest people they suspect of these crimes, or perhaps shoot them on sight? After all, technology makes this a much more serious issue.

...that the actual culprits (of the most recent "oopses") were an employees of a contractor run by an Obama adviser, John O. Brennan [cnn.com]. The previous one was a trainee who was instructed to test the access with a family member's name. I'm neither for nor against Obama, but he crowed the loudest and it was people answering to someone in his camp, not from "the administration"....interesting...

that the program that caught them was one designed to track the access of the records of "high-profile Americans?" Because it doesn't matter if the rest of us have our passport files snooped? What do you need to do, exactly, to be "high-profile?"

High profile people are more likely to have their records accessed unnecessarily than any of us. The flags were put in place after Bill Clinton had his records searched by political enemies trying to prove he dodged the draft during his first run for president. Hopefully they have an access/audit trail for the records so that if something improper goes on it can be properly investigated but sending up an alert every time everyone's records are accessed would be a pretty stupid idea.

According to the article, if they hadn't looked at famous people's records, they wouldn't have gotten caught. In other words it's common for these contractors to look at various people's passport records, only these few were stupid enough to choose to snoop after famous people besides their usual routine of checking on their neighbors, unfaithful spouses, the girl they're stalking, etc.

I hope that that statue of limitations in in effect now, but in case it isn't I'll fuzz a few of the facts. A few years back, I was working for a state office that had a disaster recovery aggreement with the department that handles driver's licenses. So, I was alone in their computer room, and there was a terminal logged into the driver's license database. I did a search of my name, and sure enough there were my records. Then I did searches of several other people, including the governor. At the time, the records included your SSN, but this was before anyone had heard of identity theft so I didn't think anything of it. I didn't take any notes of anything I saw, and cleared the screen before anyone got back. I don't think any investigation was done; at least no one contacted me wanting to know why my records might have been the first ones searched.

At the beginning of the week, Stanley, the outsourcing services providing who employed the contractors responsible for the snooping, was awarded a $600 million five year contract to continue providing services for the State Department.

Am I the only one who finds it a bit convenient that word of the snooping wasn't released until two days after the contract was awarded, over two months after the first snooping against Obama occurred? You'd almost think they had some friends in high places who made sure it didn't become public, since that's the kind of revelation that could have put a big roadblock on their contract award.

I wonder what those involved in suppressing the information will be receiving from Stanley? A cushy job or consulting contract? Campaign contributions for high ranking State Department staffers who might be thinking about a run for Congress in 2010 should the republicans lose the White House?

This is how our political systems works right now - corruption - pay offs - lobbiests... The is EXACTLY the kind of cr@p Obama is wanting to put a stop to! Vote for Hillary or McCain and this kind of stuff WILL continue if not get worse....

OK, one last time, democracy and freedom have no inherent connection to one another. What you want is a liberal, accountable government which would make you a "liberty advocate," not a "democracy advocate."

I could care less about the "state of democracy" in America. What I want is the state of the Constitution, something that often is sacrificed by public approval.

I agree with the point you are trying to make regarding the two terms, but as a practical matter are there any governments with a significant amount of freedom for individuals that are not also democracies?It certainly makes more sense to confound freedom and democracy than it does to confound liberty and liberal, certainly in modern use. I'm very much in favor of liberty, which is why I've never considered myself a liberal (in the modern sense). Federal government insertion into every aspect of our lives

Come again? Democracy works only if the population is informed and in control.How can you have a working democracy if the population isn't free? Let's see what Wikipedia says about that:

Political freedom is the absence of interference with the sovereignty of an individual by the use of coercion or aggression. The members of a free society would have full dominion over their public and private lives. The opposite of a free society would be a totalitarian state, which highly restricts political freedom in ord

The real question to me is, what is actually in there that is so helpful, or harmful, to other people besides idle curiosity? Unless some candidate outright lied on their application, how useful really is this information in the first place?

The single most elementary premise upon which a free society is based is that the state has absolutely no right to interfere in any way whatsoever with a citizen who is going about his legal business. None. Any infringement on this standard is the beginning of the end, because it places the welfare of the state above the welfare of the people who are supposed to be its masters.

Yes, sometimes terrorists and common criminals will take advantage of this freedom to inflict damage. That's part of the price you pay. If you aren't willing to pay, or even have your children pay, then pack up and move to Communist China. You and your children will be safe there, as long as you keep your mouths shut.

I can go on for ages with reasons why people who are supposed to be your servants, like politicians, cops and bureaucrats, are always so anxious to persuade you that just a little tiny surrender will save the children and kittens and puppies. It won't, and they'll want more. And more. And more.

And never forget that this one of those cases where mutual accommodation is possible in only one direction. If I impose rigorous privacy laws, I can agree that you don't value privacy and leave you to whatever lifestyle pleases you. You aren't affected in any way, because you can still give as much information as you want to anybody you want to have it. On the other hand, when you impose your anti-privacy laws, there's no room for me to be left alone with my choice.

>They have to present this passport to government officials upon arrival in every country they visit.>Why should they expect privacy in this matter?There is more information in the State Department's passport file than what is on the passport.In particular, it lists the amount of money you have taken into and out of the country, and thereis information specific to people who travel with diplomatic credentials. The passport itself mayhave visa stamps, but it does not contain transcripts of interviews

Why should anyone running for a public office (or holding one) have any assumption of privacy for a US passport?

I would think entry/exit data should be public information, as well as each country visited using that passport, which after all, was provided at public expense, backed by the tax payers, carries with it an expectation of the US government using its influence to secure the safe travel of these people who are de-facto targets of people who would harm the US.

I could make the same case for anyone, really, why should you expect your world travels to be a private matter? What could be more public than world travel?

At most these workers would seem to have violated an unauthorized use of computing resource rules. The fact that it was a political candidate LESSENS the infraction in my opinion.

The fact that they WERE ABLE TO access the information means heads should roll, but not their heads. Why aren't the IT folks being keel hauled instead of these drones? What kind of security does this agency have where the biggest impediment to access is a "thou shalt not"?

I do not want some bloated, mis-managed, government agency to have all of my medical records, employment records, or business records. If anybody thinks some sub-contracted flunky at a keyboard will be happy snooping through the passport records of his fellow citizens after their medical records become available as part of some similarly unsecured, poorly engineered, unsupervised federal bureaucracy, you're kidding yourself. This stuff is rapidly spinning out of control and the only way to put the brakes on it is to head back toward what the country started with: a small, tightly focused federal government that keeps records on its citizens to the minimum degree practical.

This situation was bad enough when the idiots in government had our data. It gets worse now that government is outsourcing work to non-government people who will never be properly held to account; it opens the way for outside entities to gain access to the data by hiring people to do temporary data harvesting jobs, injecting those people into those outsourced government positions, then acting shocked and "firing" them when they get caught (with bonuses and options to be re-hired later by another division...) That may not be what happened here, but it will happen as the government gets more of our data and that data becomes more interesting/valuable to outsiders.

Your privacy, like your reputation, is not a physical thing; once you hand it over or damage it, you can never get it back.

Kind of a non-story for me. Reading articles on this it really seems like it was a curious employee who wasn't paying enough attention to the warnings given and or consequences about private data. Honestly I blame our celebrity lifestyle for this. Everyone is so wrapped up in famous people they forget about what they are authorized to do. I find it hard to judge someone for letting their curiosity get the better of them.

If you were given the power, how many of you would resist the urge to look up Natalie Portman's [insert your favorite opposite sex celebrity here] passport?

That's what most of the information is pointing to. (Unless of course this is what they want me to conclude.) Now if it's politically motivated such as Nixon era privacy breaching I'd probably feel differently about it.

I could spell out the political potential inherent in the executive branch's massive domestic surveillance program by drawing parallels to the government's Vietnam-era spying on anti-war protesters and civil rights leaders like MLK, but I'll leave that as an exercise to the reader.

Translation: Utterly and completely without cause I'll put in some unrelated hot-button stuff and then try to pretend I didn't.

As I've reported previously, the major problem with Real ID is that local DMV and law enforcement officials will have access to an unprecedented amount of sensitive information on anyone with a Real ID--scanned copies of any documents used to establish identity, like birth certificates, bank statements, pay stubs, property tax bills, and so on, not to mention driving histories from other states. Now imagine all of that data in the hands of a crooked sheriff who's fighting off a reformist challenger in a hotly contested election. Do you really want to live in that world?

And really, that's the whole point of this [Ars Technica] 'news' story - not to tell the news, but to slant it and spin it until it is no longer recognizable and then to attach editorial comments unrelated to main story. If Faux News, CNN, or one of the other big networks did this, Slashdot and the rest of the blogosphere would be up in arms about such journalistic misbehavior.

That is the main assumption - and an utterly unfounded one. Because unless there are skeletons hidden there - there practically isn't anything there that isn't already public information or trivially available for the purposes you list. This isn't news at all, but a puff piece disguises as news - and many Slashdot readers either lack the critical thinking skills to tell the difference or simply don't care.Like the author of the Ars Technica piece, you've substituted handwaving, smokescreens, and "

I have nothing to hide... but that IS completely beside the point.I'll give a shit about this when I can pick up the phone and not think it is already bugged or being listened to.I'll give a shit when I can see the records of the numbers that were bugged in this country WITHOUT A WARRANT.I'll give a shit the day I can use my computer and not worry about the links I click on.

Trust me... one day I will give a shit. One day. Today, I do not. I think it is funny and their information should be freakin' publis

* Story Highlights
* Source: John Brennan advises Barack Obama on foreign policy, intelligence issues
* The passport files of three presidential contenders were improperly accessed
* A contractor for the Analysis Corp. has been disciplined
* Two contracto

Don't ask why or apply logic, just accept the fact that we got a blow in for whatever we are supposed to support this week. Haven't you noticed slashdot becoming more of a political "tool" then a place to discuss news for nerds.I guess maybe there wouldn't be enough discusion without the flame though, I don't know.

The only reason this case of abuse was noticed is because high profile people have a tripwire attached to their records to alert a supervisor whenever those records are accessed. The people who pass laws have built in special privacy protections for themselves and anyone with money, fame, or notability. You think it would be front page news if a contractor was probing through the passport records of sumdumass (711423)?

If you can't see the relationship between a contractors snooping through a Passport database and the potential for contractors snooping through a Real ID database... you must be willfully blind.

And they will set of alarms and be caught again and again. You see, The protections worked. That's why we know the abuse happened. SO far we know who did it, what they accessed, and any connections to either candidate. There are already laws on the books if they use any of the information to damage anyone. And the government who knew about this before we did, knows nothing has been used so far.I don't know how better it could have worked. I mean outside discarding the information and not keeping a record of

These are people who are supposed to have access to the information. You can't remove their access or prevent their access much more then saying "Don't Do That" and expect them to do the job. This differs from reactive security in quite a significant way where the breach comes from someone who isn't allowed access.So what you do is create a system where there is X amount of paperwork and/or procedures from more then one person or something similar then monitor file access by the people who are supposed to h

Political is fine. A political took presents the stories in a favorable way to a certain side.The difference would be a neutral story summery that might say something like, "federal employees and contract workers were caught looking at presidential candidate's pass port records." A tool story would be one that assigns opinion as if it was fact to the summery or story itself or attempts to coopt the story to press another agenda. One of these looks like the "currently providing the country with a very public

Don't ask why or apply logic, just accept the fact that we got a blow in for whatever we are supposed to support this week.

Christ. This comes up often enough it deserves its own saying. Let's make it this: In Soviet Slashdot, groupthink posts you!

No, seriously, this just keeps coming up and it's retarded. Slashdot readers are anything but a representative sample of American (or any) society. Of course we don't reflect it, let alone the full range of the political (left-right) spectrum.

When the editors post a good story, we get between two and five hundred posts discussing how and why this is alarming, what the possible implications may be, etc. Once moderation is applied we end up with a very high signal to noise ratio. Dissenting views are pretty much always modded up, except when they're trolls or flamebait (and even then, people often take the time to read them and reply). Other sources are often quoted or linked to, and those posts get modded up too. In other words, we get a good, interesting (possibly insightful, or informative, sometimes even funny) discussion.

When the editors post something stupid, we get between two and five hundred posts pointing out the error and ripping on the editor that put it on the front page. Occasionally, a thread or two spawns discussing some tangentially related subject that ends up being interesting on its own merrits.

As far as I'm concerned, the system is working as intended. Seriously, who would you rather discuss politics with? The Digg crowd? The people that leave comments on Youtube? Seriously, answer that question and go there. Then come back and tell us what you find.

Haven't you noticed slashdot becoming more of a political "tool" then a place to discuss news for nerds.

No. Most of us are capable of independent thought. That's why we're all here, sharing our thoughts and adding the insights of others to our own. At the very least we're sharpening our ideas by arguing against those we disagree with.

The fact that we often agree in large numbers speaks more to the fact that we're a self-selected group than anything else. The fact that the editors pander to us says more about their lust for precious ad revenue than their political views. Not all herds are made of sheep. And even if they were, kdawson (it's him everyone bitches about, right? I honesty don't pay attention to the editors' names) sucks at playing sheep-dog.

Seriously, who would you rather discuss politics with? The Digg crowd? The people that leave comments on Youtube? Seriously, answer that question and go there. Then come back and tell us what you find.

It wouldn't be so bad if the politics introduced where neutral in the stories and the users take it from there. But all the stories are Evil Republicans, Baby Eating Bush, and so on.

Powers-that-be-bashing is always going to be the order of the day among a largely libertarian crowd. The editors are just clumsily following along with the trends we set. I could be wrong, I guess we could test that by picking out opposed stories that made it to the firehose, and see how their chances of hitting the front page relates to their rating from before.

Now if you want to talk about the mainstream media (where many of these stories come from), well, that's something different entirely. I can't rea

I'm not paranoid because that really happened to me and forced me to change my phone number as they kept calling at 2am 3am at night every night and waking me up. Maybe you find that sort of thing as normal and if a person gets upset over it you call them paranoid. But what if it happened to you night after night? They spoofed caller ID using an Internet connection to make the calls, so the Police couldn't trace the harassing calls. I have evidence to back it up as well as police reports.

I think that its time Slashdot retired the 'flamebait' mod. The original poster complained about 'left wing bias', so I think asking if he is simply filtering out all contrary data points is fair comment. It certainly looks that way to me.

The US right wing is responsible for causing the deaths of hundreds of thousands of Iraqi civilians by enabling an incompetent and dishonest President to rule by fear. They have smeared and slimed their opponents with attacks on their patriotism. They have lied about WMD

The government folks are snooping goverment records all the time anyway. Just ask Hillary about the FBI and IRS records for political foes the last time she lived at the White House.

And that is why you don't want any MORE info in the hands of the feds than the minimum needed. In my opinion the guvmint should be required to send you a letter every time it looks up your personal information. This would sure open some people's eyes I bet.

In my opinion the guvmint should be required to send you a letter every time it looks up your personal information. This would sure open some people's eyes I bet.

If that's your goal, then push for it to cover private contractors working on a government contract.

Otherwise the FBI, DHS, et. al. could just contract out and never provide any notification, since the government agency in question never accessed a citizens personal information (but their contractor did).

One of the things that got my attention about this story (yesterday when it was actually still news) was the mention of "government officials". Even though the story had it right that it was contractors that did the peeking, they continued to refer to them as "government officials".

As a former government contractor I can say with a fair amount of confidence that we are safe from "government officials" looking up our records in Federal databases. Most of them are doing good to get through their morning e-mail without a call to the help desk. The really technical ones can manage simple spreadsheets (although in my experience this involved a fair amount of hand-holding too).

I'm not sure if the problem here is that the average citizen doesn't know the difference between a contractor and a "government official" or if the reporters involved just weren't sure which one it was. Chances are that if you call the IRS, Social Security Administration, or State Department you are going to be talking to a contractor, not a "government official" or even (if we want to consider a third category) a government employee. They don't do database updates, they don't do secretarial work, they don't write computer programs, they certainly don't make their own travel arrangements (Clinton/Gore's government re-invention program relieved them of this onerous responsibility) and they can sit right next to a ringing telephone for hours without being bothered by it.

So, now, the question remains for those who are in favor of the government doing more and more things for us, all of such things involving the collection of various bits of data about ourselves: Who would you rather have access to that data... (a) a contractor, who as we've seen might use idle time to sneak a peek at their neighbors info, or (b) a government employee (or official) who might also do such things, but in addition might accidentally delete or mangle your records because they don't have a clue how the data is organized.

By the way my answer is (c) none of the above. There is no technology fix for this. If you don't want your data looked at, then don't have it out there. That means you have to take a certain amount of responsibility for your own lives. Tough huh?

In a twist, it turns out at least one search was performed by a contractor paid by an Obama advisor. It also appears that the records were accessed multiple times, not just the once (with quick reaction) initially stated. Now, I personally think that passport information is personal information and that personal information deserves a very high level of protection. I totally agree with the EU and the UK on that, although I think both have been too willing to compromise on principles in order to get anywhere with the US where there is no meaningful privacy at all.

(I find it sad that in America, private property is often guarded with deadly force, but private property is replaceable, whereas privacy has no protection at all and privacy can never be replaced. Once privacy is lost, it is lost forever.)

Actually, the private information is guarded against inappropriate access. The fact that you now know about breaches means it is being guarded. The problem was a break down in the communication chain and the proper disclosure to the right people wasn't made available soon enough. There was a failure in the system that ended up delaying us from being informed.Surprisingly, the contractor was fired and the two workers weren't? I'm not sure why this happened, I would hope that they are given the rules of acces

All three people who accessed the information were employees of contractors. Some were fired immediately by the contractor before the State Department learned about it. The others the State Department specifically asked that they NOT be fired so they had some leverage to get them to cooperate with the ensuing investigation. (If they were fired, they wouldn't have to do anything unless actually subpoenaed.) Apparently if the state department had not intervened, the contractor would have fired them already. (The exception being the trainee who looked up Hillary instead of a family member during the training exercise - that was (probably properly) viewed as a training error and that employee just had the error explained.)

Regardless, while this is private information, it's not exactly SENSITIVE private information. There's really nothing in these files that isn't a matter of public record (when you applied, where you lived when you applied, name, birthdate) or isn't going to be terribly interesting for any political reason (SS#).

It's pretty safe to assume these breaches were merely the result of idle curiosity, as there's really no other reason to even bother looking at these files with such uninteresting information. That would also explain the fairly wide access thousands of people have to these files.

And to the GP:

Yes, an Obama campaign supporter (donated $2,300) runs one of the contractors whose employees looked at the files. But a Clinton campaing supporter (donated $1,000) runs the other one. Pretty much a wash, unless you're McCain.

Regardless, while this is private information, it's not exactly SENSITIVE private information. There's really nothing in these files that isn't a matter of public record (when you applied, where you lived when you applied, name, birthdate) or isn't going to be terribly interesting for any political reason (SS#).

Actually, that's not true. There was a news story yesterday that said that passport records also contain the results of any background checks the government runs when deciding whether to issue you a passport. Why dig up dirt on someone yourself when you can have the government do it for you?

(I find it sad that in America, private property is often guarded with deadly force, but private property is replaceable, whereas privacy has no protection at all and privacy can never be replaced. Once privacy is lost, it is lost forever.)

Only that privacy doesn't exist in any physical sense. It is a purely abstract concept and its boundaries are very poorly defined.

Everything I have read states that the names of the contractors who did the search and the companies they work for have been withheld. What evidence do you put forth that an Obama paid advisor was also a contractor at the State Department and was responsible for querying the records? Since you provided no evidence it would seem likely you do not have any.

Read the article once more. Yes, and employee of Analysis Corp. checked out Obama's and McCain's passport information. Also, Analysis Corp is run by John Brennan. John Brennan also does some consulting for Obama.

Also note that in the article, it notes that the CEO of Stanley, another passport database contractor, is a Clinton supporter. Also irrelevant.

What's private about passport records? Passport records contain your name, your address, your social security number, your place of birth, and a photo of you. With a sufficiently-large selection of data from the passport records, you could find someone who looked similar to you and could genuinely steal their identity in a long-lasting fashion.

What galls me is that, apparently, the database has a flag that can be set for "famous people", which causes a supervisor alert whenever the file is accessed. Where is the special alert for the rest of us? We're the ones whose data could be abused to wreak havoc on our lives and finances.

What galls me is that, apparently, the database has a flag that can be set for "famous people", which causes a supervisor alert whenever the file is accessed. Where is the special alert for the rest of us? We're the ones whose data could be abused to wreak havoc on our lives and finances.

Oh God Yes!!! I agree so much with that statement.

I don't know about you, but there's no way in hell I could walk into a bank and say that I'm Barak Obama; regardless of the documentation I have (I'm short and all white.) Or Hillary for that matter - I'm male. But, I could walk in with any one of other hundreds of thousands of identities and wreak havoc. My banker told me that she gets at least one person a week trying to steal someone's identity. Hence the endless questions when opening an account. It's also for the (non) PATRIOT Act bullshit - but that's another topic.

When I go through immigration to a different EU country from the UK my passport doesn't get stamped. It doesn't get stamped on the way back either. Currently, my passport is empty, even though I've left Britain several times recently.

They do scan the passport's OCR text though, I wondered if they kept a record of that.

I was following news coverage of passport records on Friday, and apparently they contain WAY more data than your passport, ID, and travel records. Criminal records, details about your interactions with other countries, attempts to change citizenship, etc.

Replying here and not to the GP since I think this adds something to the parent's argument.

Oh, you can do a lot of nasty things with passport records besides ID theft. For instance, you can have your HR department datamine it to keep out, er, undesirables. And their children too, to the (oh, I don't know, let's say) tenth generation, just 'cuz. What, you've never met anyone that has a thing against immigrants, legal or otherwise?

I'll stop having something to hide when the rest of humanity stops judging peo

And how does passport records (assuming it is just entry & exit times) relate to Real ID in any fashion?

The issue is not the records, it's who has access to them, and what they do with that access.

You certainly don't have access, but somebody with an axe to grind might. Nixon had his Enemies List. The TSA has the No-Fly List. According to Newsweek, 1.3 million Americans have their bank accounts under the same sort of "special scrutiny" that noticed Eliot Spitzer moving a few thousand dollars around. (Less than the $10,000 banks are required to report.) The bank account monitoring came about due to PATRIOT, by the way.

The government folks are snooping goverment records all the time anyway

Actually that's not as true as you might think, but regardless, it's irrelevant. As this case demonstrates, now the contractor folks are snooping government records too.

My guess is, as more and more data gets collected, we simply won't have privacy any more. The only fix I see is to simply stop collecting (and storing, and making more available, and organizing so intelligently) so much data.

In the Spitzer case, I don't see how his downfall benefits New York. Why are we collecting all this data about people? Whatever good comes of it (if any, can somebody think of any good that's come of it) seems to be completely outweighed by the bad.

Perhaps I'm okay with collecting the data, but it should be abstracted away from the person's identity. You should probably need to convince a judge to issue a search warrant on the basis that User_ID 136137134 is showing a pattern of suspicious activity.

As I recall this is more or less why we have a FISA court in the first place. To prevent exactly the sorts of abuses of surveillance that Nixon, Hoover, et. al. were so fond of.

Real ID is an attempt to eliminate the cartoon-drawing Driver's Licenses that some states hand out.

If that was all that realid did, it would simply have to mandate minimum standards for drivers licenses -- and if that was all it did, I doubt that California would mind joining in on it.

What Realid also does, is force states to combine all of their records together where the federal government can access them, and allows the federal government to join that data with private and government data for whatever purpose it wants.

All of that data in one place is a really big prize for somebody wanting to mess with somebody's life -- especially when you consider that DHS has consistently failed security audits for it's computer networks.

Indeed, it's been a complaint for a long time, even though Malda and his gang don't claim to publish the latest news in the fastest time possible. In fact, they would rather sit on a story and see how it unfolds so that the discussion can have some perspective.

In fact, there's even a FAQ entry [slashdot.org] addressing this topic. If you want the latest news as soon as it happens, there's other sites to visit. Like others have said, go to Digg for the links, and come to Slashdot for the discussion.

You obviously have NEVER gotton a pasport AC!It holds quite abit about your lifes history, Not just Name, Address, Phone number, country of origin. But SSN, your mother and fathers information, copies of your BIRT HCERTIFICATE, copies of 2 forms of photo ID. So anyone wanting to oh say engage in identity theft, pasport files are a one stop shop!